Title: Efficent Static Detection of Collusion Attacks in ARBAC-based Workflow Systems
Time: 14:45
Location: Acadia Lab
Type: Research Result
Speaker: Enrico Steffinlongo
Abstract:
Authorization in workflow systems is usually built on top of role-based access control (RBAC); security policies on workflows are then expressed as constraints on the users performing a set of tasks and the roles assigned to them. Unfor-tunately, when role administration is distributed and potentially untrusted users contribute to the role assignment process, like in the case of Administrative RBAC (ARBAC), collusions may take place to circumvent the intended workflow security policies. In a collusion attack, a set of users of a workflow system collaborates by changing the user-to-role assignment, so as to sidestep the security policies and run up to completion a workflow they could not complete otherwise.
In this paper, we study the problem of collusion attacks in a formal model of workflows based on stable event structures and we define a precise notion of security against collusion. We then propose a static analysis technique based on a reduction to a role reachability problem for ARBAC, which can be used to prove or disprove security for a large class of workflow systems. We also discuss how to aggressively optimise the obtained role reachability problem to ensure its tractability. Finally, we implement our analysis in a tool, WARBAC, and we experimentally show its effectiveness on a set of publicly available examples, including a realistic case study.
Tag Archives: web authentication
24/01/2014 – Talk by Mauro Conti
Title: Future Internet Security and Privacy (challenges)
Time: 14:00
Location: Meeting room
Type: Research Result
Speaker: Mauro conti
Abstract:
The Internet is an amazing success story, connecting hundreds of millions of users. However, in the last decade, there has been a growing realization that the current Internet Protocol is reaching the limits of its senescence. In fact, the way people access and utilize it has changed radically since the 1970-s when its architecture was conceived.
This has prompted several research efforts that aim to design potential next-generation Internet architectures. In particular, Content-Centric Networking (CCN) is an emerging networking paradigm being considered as a possible replacement for the current IP-based host-centric Internet infrastructure. CCN focuses on content distribution, which is arguably not well served by IP. Named-Data Networking (NDN) is an example of CCN.
NDN is also an active research project under the NSF Future Internet Architectures (FIA) program. FIA emphasizes security and privacy from the outset and by design. To be a viable Internet architecture, NDN must be resilient against current and emerging threats.
In this talk, we highlight the main security and privacy issues we identified in NDN. Then, as a representative case, we discuss interest flooding, a possible denial-of-service attack that exploits key architectural features of NDN. We show that an adversary with limited resources can implement such attack, having a significant impact on network performance. We then introduce Poseidon: a framework for detecting and mitigating interest flooding attacks. Finally, we report on results of extensive simulations assessing proposed countermeasure.
27/11/2013 – Talk by Stefano Calzavara
Title: Formalizing and Enforcing Web Session Integrity
Time: 11:00
Location: Meeting room
Type: Research Result
Speaker: Stefano Calzavara
Abstract:
Enforcing protection at the browser side has recently become a popular approach for securing web authentication, even when web application developers do not follow recommended security guidelines. Though interesting, existing attempts in the literature only address specific classes of attacks, and thus fall short of providing robust foundations to reason on web authentication security. In this talk we provide such foundations, by introducing a novel notion of web session integrity, which allows us to capture many existing attacks and spot some new ones. We then discuss FF+, a security-enhanced model of a web browser that provides a full-fledged and provably sound enforcement of web session integrity. We leverage our theory to develop SessInt, a prototype extension for Google Chrome implementing the security mechanisms formalized in FF+. SessInt provides a level of security very close to FF+, while keeping an eye at usability and user experience.
